Maptiler Tileserver Php — known CVE vulnerabilities
Every CVE whose affected-product data names Maptiler Tileserver Php, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2025-44136 — CVSS 9.8 (critical): MapTiler Tileserver-php v2.0 is vulnerable to Cross Site Scripting (XSS). The GET parameter "layer" is reflected in an error message…
CVE-2025-44137 — CVSS 8.2 (high): MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within tileserver.php is responsible for…